Lesson 7 Implementing Authentication Controls verified to pass 2023/2023

Lesson 7 Implementing Authentication Controlsaccess control system - correct answer an ____________________ is the set of technical controls that govern how subjects may interact with objects identity and access management - correct answer a security process that provides identification, authentication, and authorization mechanisms for users, computers, and other entities to work with organizational assets like networks, operating systems and applications identification, authentication, authorization, accounting - correct answer an identity and access management system is usually described in terms of four main processes: identification - correct answer the process by which a user account and its credentials is issued to the correct person, sometimes referred to as enrollment authentication - correct answer a method of validating a particular entity's or individual's unique credentials authorization - correct answer the process of determining what rights and privileges a particular entity has accounting - correct answer tracking authorized usage of a resource or use of rights by a subject and alerting when unauthorized use is detected or attempted authentication, authorization, accounting - correct answer a security concept where a centralized platform verifies subject identification, ensures the subject is assigned relevant permissions, and then logs these actions to create an audit trail factors - correct answer There are many different technologies for defining credentials and can be categorized as ________________ logon - correct answer The typical knowledge factor is the ______________, composed of a username and password personal identification number - correct answer number used in conjunction with authentication devices such as a smart card know, have, are - correct answer Three factors of authentication are something you _____________, ________________ or _______________ ownership - correct answer an ________________ factor means that the account holder possesses something that no one else does, such as a smart card, fob, or wristband biometric - correct answer a ___________________ factor uses either physiological identifiers such as a fingerprint, or behavioral identifiers such as the way someone moves authentication design - correct answer refers to selecting a technology that meets requirements for confidentiality, integrity, and availability confidentiality - correct answer in terms of authentication, __________________ is critical because if account credentials are leaked, threat actors can impersonate the account owner integrity - correct answer in terms of authentication, ________________ means that the authentication mechanism is reliable and not easy for threat actors to bypass or trick without counterfeit credentials availability - correct answer in terms of authentication, _________________ means that the time taken to authenticate does not impede workflows and is easy enough for users to operate multifactor authentication - correct answer an authentication scheme that requires the user to present at least two different factors as credentials, from something you know, something you have, something you are, something you do, and somewhere you are